Researchers Detect New North Korea-Linked MacOS Malware on Crypto Trading Site
Ana Alexandre's original article for cointelegraph.com reduced by 52%
Security researchers have discovered a new cryptocurrency-related macOS malware believed to be the product of North Korean hackers at the Lazarus Group. As tech-focused publication Bleeping Computer reported on Dec. 4, malware researcher Dinesh Devadoss encountered a malicious software on a website called "Unioncrypto.vip," that advertised a "Smart cryptocurrency arbitrage trading platform." The website did not cite any download links, but hosted a malware package under the name "UnionCryptoTrader." According to the researchers, the malware can retrieve a payload from a remote location and run it in memory, which is not common for macOS, but more typical for Windows.
This feature makes it difficult to detect the malware and carry out forensic analysis. After conducting an analysis of the newly detected malware, security researcher Patrick Wardle determined "Clear overlaps" with malware found by MalwareHunterTeam in mid-October, which purportedly led to the Lazarus group. At the time, the researchers detected that Lazarus had created another malware targeting Apple Macs that masquerades behind a fake cryptocurrency firm.
In late November, United States prosecutors announced the arrest of Virgil Griffith, who allegedly traveled to North Korea to deliver a presentation on how to use crypto and blockchain technology to circumvent sanctions.
Donate Bitcoin to this address
Scan the QR code or copy the address below into your wallet to send Bitcoin
Donate Ethereum to this address
Scan the QR code or copy the address below into your wallet to send Ethereum
Donate With MetaMask
Donate ETH With MetaMask
Alternatively, support us by using the following referral links:
CN [too long; didn’t read]
Summarised crypto news.